Hi all,
I need to debug a complex program under a win 64 system, for complex I don't mean a protected target, but a target very big with several dlls loaded and released, partially written in .NET and native code.
So I investigated a little what 64 bit debuggers were present. Olly has to be excluded unfortunately, but there were two other alternatives I found:
- IDA64: I still honestly have not tried it under 64b platform because I hate its debugging interface and think that it's quite unusable. Beside this IDA64 is still less advanced than its 32b version, because it lacks some important features (e.g. the decompiler wont' support 64b code) and has some bugs (e.g. the disassmbly engine often doesn't recognize double words, references and portions of functions)
- BugDb64 (http://forum.exetools.com/showthread.php?t=14539): I tried this promising one since it's a nice mixture of SoftICE commands and Olly interface. But unfortunately it still lacks several important functionalities and some already present don't work (it's a pre-alpa therefore it's normal). For my target for example I needed to break on a specific dll when it was being loaded by the program, but the command supposed to to that simply doesn't work. It's as well impossible to enter into a specific module (like Olly does) to add breakpoints or any other stuff in a specifi portion of code.
So I'm now stuck with static patching (under IDA64) and offline tests if the patch works.
The question is therefore which other tools I have to succesfully debug and patch 64b applications. It seems like several tools still are just not being ported to 64b. And of course which are your experiences!
BR,
Shub